<?

/*
	Document manager handling for .htusers file

	This file is included early in docman.php and it should return:
	$gblUserName	descriptive username
	$gblPw		md5 hash of joint login and password
	$gblEmail	e-mail address of user

	This module can use any back magic to find who the user
	is, but I suggest $PHP_AUTH_USER and $PHP_AUTH_PW
*/

	$htusers_file=dirname($SCRIPT_FILENAME)."/.htusers";
	if (! file_exists($htusers_file)) {
		if (is_writeable(dirname($SCRIPT_FILENAME))) {
			$htusers=fopen($htusers_file,"a+");
			fputs($htusers,"# Change owner of $htusers_file to root !!\n");
			fputs($htusers,"demo:full name:[md5_hash|auth_*]:e-mail\n");
			fclose($htusers);
			Error("Proto user file created!","Please edit <tt>$htusers_file</tt> and set it correct permissions (<B>not writable by web server as it is now!</b>). You can add users using <tt>adduser.pl</tt> script!");
			exit;
		} else {
			Error("Can't create proto user file!","Please make directory <tt>".dirname($htusers_file)."</tt> writable or create <tt>.htusers</tt> file by hand using <tt>adduser.pl</tt> script!");
			exit;
		}
	}
	$htusers=fopen($htusers_file,"r");
	while($user = fgetcsv($htusers,255,":")) {
		if ($user[0] == $GLOBALS["PHP_AUTH_USER"]) {
			$gblUserName=$user[1];
			$gblPw=$user[2];
			if (substr($gblPw,0,5) == "auth_" && file_exists("$gblIncDir/$gblPw.php")) {
				require("$gblIncDir/$gblPw.php");
				if ($gblPw($user)) {
					$gblPw=md5($PHP_AUTH_USER.$PHP_AUTH_PW);
				} else {
					$gblPw="error".md5($PHP_AUTH_USER.$PHP_AUTH_PW);
				}
			}
			$gblEmail=$user[3];
			continue ;
		}
	}
	fclose($htusers);

?>
